Vulnerabilities > PHP Fusion > Expanded Calendar Module > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-03 | CVE-2007-5187 | SQL Injection vulnerability in PHP-Fusion Expanded Calendar Module and PHP-Fusion SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the sel parameter. | 7.5 |
| 2007-04-03 | CVE-2007-1845 | SQL Injection vulnerability in PHP Fusion Expanded Calendar Module 2.0 SQL injection vulnerability in show_event.php in the Expanded Calendar (calendar_panel) 2.00 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the m_month parameter. | 7.5 |